/*
 *    Copyright (c) 2018-2025, 佯攻 All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 * Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
 * documentation and/or other materials provided with the distribution.
 * Neither the name of the pig4cloud.com developer nor the names of its
 * contributors may be used to endorse or promote products derived from
 * this software without specific prior written permission.
 * Author: 佯攻 (kaiwotech@gmail.com)
 */

package com.kw.auth.phone;


import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;

import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;


@Slf4j
public class PhoneAuthenticationProvider implements AuthenticationProvider {
	private MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();

	public void setUserDetailService(UserDetailsService userDetailService) {
		this.userDetailService = userDetailService;
	}

	private UserDetailsService userDetailService;
	@Override
	@SneakyThrows
	public Authentication authenticate(Authentication authentication) {
		PhoneAuthenticationToken mobileAuthenticationToken = (PhoneAuthenticationToken) authentication;
		String principal = mobileAuthenticationToken.getPrincipal().toString();
		UserDetails userDetails = userDetailService.loadUserByUsername(principal);
		if (userDetails == null) {
			log.debug("Authentication failed: no credentials provided");

			throw new BadCredentialsException(messages.getMessage(
					"AbstractUserDetailsAuthenticationProvider.noopBindAccount",
					"Noop Bind Account"));
		}
		if((mobileAuthenticationToken.getCredentials().toString().equals("0000"))){
			return this.createSuccessAuthentication(principal, authentication, userDetails);
			//假设验证码为0000
		}else{
			throw new BadCredentialsException("验证码不正确");
		}
	}

	protected Authentication createSuccessAuthentication(Object principal, Authentication authentication, UserDetails user) {
		PhoneAuthenticationToken result = new PhoneAuthenticationToken(principal, authentication.getCredentials().toString(), user.getAuthorities());
		result.setDetails(authentication.getDetails());
		return result;
	}
	@Override
	public boolean supports(Class<?> authentication) {
		return PhoneAuthenticationToken.class.isAssignableFrom(authentication);
	}
}
